# 编写  elasticsearch单机配置
vim /mydata/elasticsearch/config/elasticsearch.yml
http.host: 0.0.0.0
mkdir /mydata/elasticsearch/data
mkdir /mydata/elasticsearch/plugins
# 安装 id 分词器
cd /mydata/plugins/ik
wget  https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v7.6.2/elasticsearch-analysis-ik-7.6.2.zip
unzip elasticsearch-analysis-ik-7.6.2.zip -d ink
rm -rf elasticsearch-analysis-ik-7.6.2.zip
# 所有文件赋权
chmod -R 777 *


# 编写logstash 配置
vim /mydata/logstash/pipline/logstash.conf
input {
  tcp {
    mode => "server"
    host => "0.0.0.0"
    port => 4560
    codec => json_lines
  }
}

output {
  elasticsearch {
    hosts => "es:9200"
    index => "logstash-service-%{+YYYY.MM.dd}"
  }
}

# 执行 docker-compose
docker-compose -f elk-docker-compose.yml up -d

# 去portainer 看结果
